Resource exhaustion in Ieaturanium238 Cattown

CVE-2025-58451

Cattown is a JavaScript markdown parser. Versions prior to 1.0.2 used regular expressions with inefficient, potentially exponential worst-case complexity. This could cause excessive CPU usage due to excessive backtracking on crafted inputs…

Vulnerability class: DoS (Denial of Service)

EPSS: 0.003 (22.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References